backup

Synopsis

netapi ise backup [OPTIONS]

Description

Triggers an ISE configuration backup to a specified repository. The backup includes policies, endpoints, certificates, and all ISE configuration data.

Options

Option Default Description

--repo, -r

nas-01

Repository name (must exist in ISE)

--key, -k

$ISE_BACKUP_KEY

Encryption key (or use env var)

--name, -n

(auto)

Backup name prefix

--desc, -d

(empty)

Backup description

--wait, -w

false

Wait for backup to complete

--timeout, -t

1800

Wait timeout in seconds (30 min)

Examples

Using Environment Variable (Recommended)

Store ISE_BACKUP_KEY in your secrets:

# In dev/storage secrets file:
# @ISE_BACKUP_KEY = YourKey123

# Load credentials
dsource d000 dev/network
dsource d000 dev/storage

# Run backup
netapi ise backup --repo nas-01 --name "pre-migration" --wait

With Explicit Key

netapi ise backup --repo nas-01 --key "MyKey123" --name "daily"

Fire and Forget

# Start backup, don't wait
netapi ise backup --repo nas-01 --name "scheduled"

# Check status later
netapi ise backup-status

Output

╭─────────────────────────────────────────────────────────╮
│ ISE Configuration Backup                                │
╰─────────────────────────────────────────────────────────╯
  Repository: nas-01 (NFS)
  Server: 10.50.1.70:/volume1/ise_backups
  Name: pre-migration

✓ Backup initiated successfully
Waiting for backup to complete...
✓ Backup completed: pre-migration-CFG10-260124-1845.tar.gpg

Encryption Key Requirements

Keys must meet ISE requirements:

  • 8-15 characters

  • At least one uppercase [A-Z], lowercase [a-z], and digit [0-9]

  • Only: [A-Za-z0-9_#]

  • Must NOT contain: CcIiSsOo

Generate compliant key:

</dev/urandom tr -dc 'ABDEFGHJKLMNPQRTUVWXYZabdefghjklmnpqrtuvwxyz0123456789_#' | head -c 12 && echo

See Also